From 0d0fdef363087603869c0a0c3506b117ce33b243 Mon Sep 17 00:00:00 2001 From: quark Date: Sun, 9 Feb 2025 17:58:38 +0100 Subject: [PATCH 01/16] fix issue with activity entry view --- apps/activity/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/activity/views.py b/apps/activity/views.py index d559255d..17446947 100644 --- a/apps/activity/views.py +++ b/apps/activity/views.py @@ -329,7 +329,7 @@ class ActivityEntryView(LoginRequiredMixin, SingleTableMixin, TemplateView): context["noteuser_ctype"] = ContentType.objects.get_for_model(NoteUser).pk context["notespecial_ctype"] = ContentType.objects.get_for_model(NoteSpecial).pk - activities_open = Activity.objects.filter(open=True).filter( + activities_open = Activity.objects.filter(open=True, activity_type__manage_entries=True).filter( PermissionBackend.filter_queryset(self.request, Activity, "view")).distinct().all() context["activities_open"] = [a for a in activities_open if PermissionBackend.check_perm(self.request, From dc56deaf85e296ee4b0f05be215ba54b3dcb3875 Mon Sep 17 00:00:00 2001 From: thomasl Date: Thu, 13 Feb 2025 21:17:57 +0100 Subject: [PATCH 02/16] Final modifications --- apps/member/forms.py | 2 +- apps/member/views.py | 24 ++++++++-- apps/permission/fixtures/initial.json | 68 +++++++++++++++++++++++++++ locale/fr/LC_MESSAGES/django.po | 8 ++-- 4 files changed, 92 insertions(+), 10 deletions(-) diff --git a/apps/member/forms.py b/apps/member/forms.py index 352a5625..ef9cb24d 100644 --- a/apps/member/forms.py +++ b/apps/member/forms.py @@ -45,7 +45,7 @@ class ProfileForm(forms.ModelForm): A form for the extras field provided by the :model:`member.Profile` model. """ # Remove widget=forms.HiddenInput() if you want to use report frequency. - report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency"), widget=forms.HiddenInput()) + report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency")) last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last report date")) diff --git a/apps/member/views.py b/apps/member/views.py index 348bf089..66980c7d 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -26,6 +26,7 @@ from note_kfet.middlewares import _set_current_request from permission.backends import PermissionBackend from permission.models import Role from permission.views import ProtectQuerysetMixin, ProtectedCreateView +from django import forms from .forms import UserForm, ProfileForm, ImageForm, ClubForm, MembershipForm, \ CustomAuthenticationForm, MembershipRolesForm @@ -72,11 +73,24 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView): form.fields['email'].required = True form.fields['email'].help_text = _("This address must be valid.") - if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile): - context['profile_form'] = self.profile_form(instance=context['user_object'].profile, - data=self.request.POST if self.request.POST else None) - if not self.object.profile.report_frequency: - del context['profile_form'].fields["last_report"] + profile_form = self.profile_form(instance=context['user_object'].profile, + data=self.request.POST if self.request.POST else None) + + if not self.object.profile.report_frequency: + del profile_form.fields["last_report"] + + fields_to_check = list(profile_form.fields.keys()) + fields_modifiable = False + + # Delete the fields for which the user does not have the permission to modify + for field_name in fields_to_check: + if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile): + profile_form.fields[field_name].widget = forms.HiddenInput() + else: + fields_modifiable = True + + if fields_modifiable: + context['profile_form'] = profile_form return context diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 00f952cc..36134dee 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3832,6 +3832,74 @@ "description": "Voir les profils des membres du club" } }, + { + "model": "permission.permission", + "pk": 244, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "{}", + "type": "change", + "mask": 3, + "field": "ml_events_registration", + "permanent": false, + "description": "Modifier l'abonnement à la Newsletter BDE pour n'importe quel profil" + } + }, + { + "model": "permission.permission", + "pk": 245, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "{}", + "type": "change", + "mask": 3, + "field": "ml_art_registration", + "permanent": false, + "description": "Modifier l'abonnement à la Newsletter Art pour n'importe quel profil" + } + }, + { + "model": "permission.permission", + "pk": 246, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "{}", + "type": "change", + "mask": 3, + "field": "ml_sport_registration", + "permanent": false, + "description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil" + } + }, + { + "model": "permission.permission", + "pk": 247, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "{}", + "type": "view", + "mask": 3, + "field": [ + "ml_events_registration", + "ml_art_registration", + "ml_sport_registration" + ], + "permanent": false, + "description": "Voir les abonnements aux Newsletters de n'importe quel profil" + } + }, { "model": "permission.role", "pk": 1, diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po index 2af3257e..a95cb766 100644 --- a/locale/fr/LC_MESSAGES/django.po +++ b/locale/fr/LC_MESSAGES/django.po @@ -795,11 +795,11 @@ msgstr "Masque de permissions" #: apps/member/forms.py:46 msgid "Report frequency" -msgstr "Fréquence des rapports (en jours)" +msgstr "Fréquence des relevés (en jours)" #: apps/member/forms.py:48 msgid "Last report date" -msgstr "Date de dernier rapport" +msgstr "Date de dernier relevé" #: apps/member/forms.py:52 msgid "" @@ -1045,11 +1045,11 @@ msgstr "" #: apps/member/models.py:117 msgid "report frequency (in days)" -msgstr "fréquence des rapports (en jours)" +msgstr "fréquence des relevés (en jours)" #: apps/member/models.py:122 msgid "last report date" -msgstr "date de dernier rapport" +msgstr "date de dernier relevé" #: apps/member/models.py:127 msgid "email confirmed" From 983d7ec052e060e8e720f0050e9cee67cb519e01 Mon Sep 17 00:00:00 2001 From: thomasl Date: Thu, 13 Feb 2025 21:35:29 +0100 Subject: [PATCH 03/16] linters --- apps/member/views.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/member/views.py b/apps/member/views.py index 66980c7d..4d18a40a 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -77,8 +77,8 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView): data=self.request.POST if self.request.POST else None) if not self.object.profile.report_frequency: - del profile_form.fields["last_report"] - + del profile_form.fields["last_report"] + fields_to_check = list(profile_form.fields.keys()) fields_modifiable = False @@ -88,7 +88,7 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView): profile_form.fields[field_name].widget = forms.HiddenInput() else: fields_modifiable = True - + if fields_modifiable: context['profile_form'] = profile_form From eb5044490bb59a4ac44867091826a5597ffaa75f Mon Sep 17 00:00:00 2001 From: thomasl Date: Thu, 13 Feb 2025 21:37:58 +0100 Subject: [PATCH 04/16] Delete a useless permission --- apps/permission/fixtures/initial.json | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 36134dee..44341309 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3880,26 +3880,6 @@ "description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil" } }, - { - "model": "permission.permission", - "pk": 247, - "fields": { - "model": [ - "member", - "profile" - ], - "query": "{}", - "type": "view", - "mask": 3, - "field": [ - "ml_events_registration", - "ml_art_registration", - "ml_sport_registration" - ], - "permanent": false, - "description": "Voir les abonnements aux Newsletters de n'importe quel profil" - } - }, { "model": "permission.role", "pk": 1, From e7a98c86f07292c414fb3765f5edd17d5ffe960d Mon Sep 17 00:00:00 2001 From: thomasl Date: Thu, 13 Feb 2025 21:51:26 +0100 Subject: [PATCH 05/16] Tried something with permissions --- apps/permission/fixtures/initial.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 44341309..25048ab6 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -127,7 +127,7 @@ "auth", "user" ], - "query": "{\"pk\": [\"user\", \"pk\"]}", + "query": "{[\"AND\", {\"pk\": [\"user\", \"pk\"]}, {\"memberships__club__parent_club__isnull\": true}]", "type": "change", "mask": 1, "field": "last_login", From 1836677c47d34a91b697a9db93b220d71c7a76ab Mon Sep 17 00:00:00 2001 From: thomasl Date: Thu, 13 Feb 2025 22:30:36 +0100 Subject: [PATCH 06/16] Update file initial.json --- apps/permission/fixtures/initial.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 25048ab6..70ec6650 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -127,7 +127,7 @@ "auth", "user" ], - "query": "{[\"AND\", {\"pk\": [\"user\", \"pk\"]}, {\"memberships__club__parent_club__isnull\": true}]", + "query": "[\"AND\", {\"pk\": [\"user\", \"pk\"]}, {\"memberships__club__parent_club__isnull\": true}]", "type": "change", "mask": 1, "field": "last_login", From 26b351a51c28da755a08dc683cd884eef4834a4a Mon Sep 17 00:00:00 2001 From: thomasl Date: Fri, 14 Feb 2025 18:14:35 +0100 Subject: [PATCH 07/16] Add another permission for model guest in activity --- apps/permission/fixtures/initial.json | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 70ec6650..d49cbb41 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3880,6 +3880,22 @@ "description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil" } }, + { + "model": "permission.permission", + "pk": 247, + "fields": { + "model": [ + "activity", + "guest" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "view", + "mask": 2, + "field": "", + "permanent": false, + "description": "Voir les personnes invitées aux événements organisés par son club" + } + }, { "model": "permission.role", "pk": 1, From c7a92fa4b2898ac59973c6ef8493f1963dba8434 Mon Sep 17 00:00:00 2001 From: thomasl Date: Sun, 16 Feb 2025 20:49:11 +0100 Subject: [PATCH 08/16] Update file initial.json --- apps/permission/fixtures/initial.json | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index d49cbb41..86db3c3f 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3896,6 +3896,22 @@ "description": "Voir les personnes invitées aux événements organisés par son club" } }, + { + "model": "permission.permission", + "pk": 248, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", + "type": "view", + "mask": 3, + "field": "", + "permanent": false, + "description": "Voir n'importe quel profil" + } + }, { "model": "permission.role", "pk": 1, From ccd9a66ab95b29fe6316ec1cb91d2681521555f2 Mon Sep 17 00:00:00 2001 From: thomasl Date: Sun, 16 Feb 2025 23:24:39 +0100 Subject: [PATCH 09/16] Update file initial.json --- apps/permission/fixtures/initial.json | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 86db3c3f..9d51aefa 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3216,12 +3216,12 @@ "note", "specialtransaction" ], - "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", + "query": "[\"AND\", {\"source__notespecial__gte\":0}, [\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]]", "type": "add", "mask": 2, "field": "", "permanent": false, - "description": "Créer un crédit ou un retrait quelconque lorsque l'utilisateur⋅rice est ouvreur⋅se d'une activité ouverte" + "description": "Créer un crédit quelconque lorsque l'utilisateur⋅rice est ouvreur⋅se d'une activité ouverte" } }, { @@ -3896,22 +3896,6 @@ "description": "Voir les personnes invitées aux événements organisés par son club" } }, - { - "model": "permission.permission", - "pk": 248, - "fields": { - "model": [ - "member", - "profile" - ], - "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", - "type": "view", - "mask": 3, - "field": "", - "permanent": false, - "description": "Voir n'importe quel profil" - } - }, { "model": "permission.role", "pk": 1, From a7cba0a4a3ca038ab3f79cd7a63c9ea5a2588754 Mon Sep 17 00:00:00 2001 From: thomasl Date: Sun, 16 Feb 2025 23:33:18 +0100 Subject: [PATCH 10/16] Update file initial.json --- apps/permission/fixtures/initial.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 9d51aefa..d49cbb41 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3216,12 +3216,12 @@ "note", "specialtransaction" ], - "query": "[\"AND\", {\"source__notespecial__gte\":0}, [\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]]", + "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", "type": "add", "mask": 2, "field": "", "permanent": false, - "description": "Créer un crédit quelconque lorsque l'utilisateur⋅rice est ouvreur⋅se d'une activité ouverte" + "description": "Créer un crédit ou un retrait quelconque lorsque l'utilisateur⋅rice est ouvreur⋅se d'une activité ouverte" } }, { From 83d5a7ceffa3aea1f589ee205527c1f6bc02eef6 Mon Sep 17 00:00:00 2001 From: thomasl Date: Mon, 17 Feb 2025 01:58:13 +0100 Subject: [PATCH 11/16] Update file initial.json --- apps/permission/fixtures/initial.json | 32 +++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index d49cbb41..f43bc388 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3896,6 +3896,38 @@ "description": "Voir les personnes invitées aux événements organisés par son club" } }, + { + "model": "permission.permission", + "pk": 248, + "fields": { + "model": [ + "auth", + "user" + ], + "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", + "type": "view", + "mask": 3, + "field": "", + "permanent": false, + "description": "Voir n'importe quel⋅le utilisateur⋅rice pour les ouvreur⋅ses" + } + }, + { + "model": "permission.permission", + "pk": 249, + "fields": { + "model": [ + "note", + "note" + ], + "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", + "type": "view", + "mask": 2, + "field": "", + "permanent": false, + "description": "Voir toutes les notes lorsque utilisateur⋅rice est ouvreur⋅ses" + } + }, { "model": "permission.role", "pk": 1, From 1af9f5f23cdc39cc446e9a21d0cd70ed0cca17b1 Mon Sep 17 00:00:00 2001 From: thomasl Date: Mon, 17 Feb 2025 02:12:44 +0100 Subject: [PATCH 12/16] some updates --- note.cron | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/note.cron b/note.cron index 2f75f989..5509deaf 100644 --- a/note.cron +++ b/note.cron @@ -27,4 +27,5 @@ MAILTO=notekfet2020@lists.crans.org # Vider les tokens Oauth2 00 6 * * * root cd /var/www/note_kfet && env/bin/python manage.py cleartokens -v 0 # Envoyer la liste des abonnés à la NL BDA - 00 8 * * 0 root cd /var/www/note_kfet && env/bin/python manage.py extract_ml_registrations -t art -v 0 \ No newline at end of file + 00 10 * * 0 root cd /var/www/note_kfet && env/bin/python manage.py extract_ml_registrations -t art + \ No newline at end of file From 6225fb51f11f2c7ffd6ffed3a241218c5f3e8925 Mon Sep 17 00:00:00 2001 From: thomasl Date: Mon, 17 Feb 2025 14:10:21 +0100 Subject: [PATCH 13/16] Add some permissions --- apps/permission/fixtures/initial.json | 64 +++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index f43bc388..1ebb33c9 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3928,6 +3928,70 @@ "description": "Voir toutes les notes lorsque utilisateur⋅rice est ouvreur⋅ses" } }, + { + "model": "permission.permission", + "pk": 250, + "fields": { + "model": [ + "activity", + "guest" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "delete", + "mask": 1, + "field": "", + "permanent": false, + "description": "Supprimer des personnes invitées aux événements organisés par son club" + } + }, + { + "model": "permission.permission", + "pk": 251, + "fields": { + "model": [ + "activity", + "opener" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "view", + "mask": 2, + "field": "", + "permanent": false, + "description": "Voir les ouvreur⋅ses des activités organisées par son club" + } + }, + { + "model": "permission.permission", + "pk": 252, + "fields": { + "model": [ + "activity", + "opener" + ], + "query": "{{\"activity__organizer\": [\"club\"]}}", + "type": "add", + "mask": 2, + "field": "", + "permanent": false, + "description": "Ajouter des ouvreur⋅ses aux activités organisées par son club" + } + }, + { + "model": "permission.permission", + "pk": 253, + "fields": { + "model": [ + "activity", + "opener" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "delete", + "mask": 2, + "field": "", + "permanent": false, + "description": "Supprimer des ouvreur⋅ses aux activités organisées par son club" + } + }, { "model": "permission.role", "pk": 1, From b1ffb2853206ed96c99b757604b0eccfd35a3e50 Mon Sep 17 00:00:00 2001 From: thomasl Date: Mon, 17 Feb 2025 14:19:00 +0100 Subject: [PATCH 14/16] Update file initial.json --- apps/permission/fixtures/initial.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 1ebb33c9..1cc6f50a 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3968,7 +3968,7 @@ "activity", "opener" ], - "query": "{{\"activity__organizer\": [\"club\"]}}", + "query": "{\"activity__organizer\": [\"club\"]}", "type": "add", "mask": 2, "field": "", From 041a8f20a97f157aef7c5f17ae40473d4d8ff843 Mon Sep 17 00:00:00 2001 From: thomasl Date: Mon, 17 Feb 2025 14:28:00 +0100 Subject: [PATCH 15/16] A permission was missing --- apps/permission/fixtures/initial.json | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 1cc6f50a..f3bfb052 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -3992,6 +3992,22 @@ "description": "Supprimer des ouvreur⋅ses aux activités organisées par son club" } }, + { + "model": "permission.permission", + "pk": 254, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "{\"organizer\": [\"club\"]}", + "type": "change", + "mask": 2, + "field": "opener", + "permanent": false, + "description": "Voir le tableau des ouvreur⋅ses pour les activités organisées par son club" + } + }, { "model": "permission.role", "pk": 1, From 88b1a25ca05d5759f9421e89995c2290bcf560be Mon Sep 17 00:00:00 2001 From: thomasl Date: Tue, 18 Feb 2025 21:26:55 +0100 Subject: [PATCH 16/16] Update file initial.json --- apps/permission/fixtures/initial.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index f3bfb052..8589bb37 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -4057,7 +4057,9 @@ 203, 204, 205, - 206 + 206, + 248, + 249 ] } },